> From: Derek Martin [mailto:inva...@pizzashack.org] > Sent: Tuesday, June 14, 2011 7:14 PM > > The upshot of that is that it doesn't matter how much you trust your > bank's online security. You gain nothing by not trusting the service, > because your info is already available to your would-be attacker. You
Well, I don't think that's quite fair or true... I would contend that simply having my bank info in the bank servers does not automatically serve up my bank info to would-be attackers. Even if the would-be attacker has compromised a major root CA and successfully poisoned DNS in order to perpetrate a MITM attack... That attack will not get any of my personal information if I'm not using the service. _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
